<?php

require("sessFunc.inc.php");
require("dbFunc.inc.php");
require("defs.inc.php");

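// Form handler that creates an auction from POSTed fields and then redirects:
// to error.php when there is no logged-in session, to rilancio.php?errid=N when a
// field fails validation, and to rilancio.php?ok=true&id_asta=... on success.
verifySession();

// NOTE(review): no anti-CSRF token is checked in this file; verifySession() is defined
// elsewhere, so confirm that this state-changing POST is protected against forged requests.

// Common prefix of every redirect target. The trailing separator is trimmed so a script
// sitting in the document root does not produce "//error.php".
// NOTE(review): HTTP_HOST comes from the client's Host header and PHP_SELF can carry
// client-supplied path info, so the Location value is partly client-controlled; prefer a
// configured canonical base URL if the project defines one (not visible from this file).
$baseUrl = "http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\');

if (!isset($_SESSION['logged']) || !isset($_SESSION['id'])) {
    header("Location: ".$baseUrl."/error.php?errid=12");
    return;
}

// Reads one POST field as a trimmed string. A missing field or an array-valued field
// (e.g. base[]=1) yields '', which fails every numeric check below instead of raising
// an undefined-index notice or an array-to-string conversion.
$postField = function ($name) {
    if (!isset($_POST[$name]) || !is_scalar($_POST[$name])) {
        return '';
    }
    return trim((string) $_POST[$name]);
};

// True when $raw is a numeric string whose finite value is >= $min and, if $max is given,
// <= $max. is_numeric() is checked first because comparing a non-numeric string with a
// number does not reject it reliably (PHP 8 falls back to a string comparison).
$inRange = function ($raw, $min, $max = null) {
    if (!is_numeric($raw)) {
        return false;
    }
    $number = (float) $raw;
    return is_finite($number) && $number >= $min && ($max === null || $number <= $max);
};

// Sends the validation-failure redirect. The echoed ids are client input and may not have
// been validated yet at this point, so they are URL-encoded before being placed in the
// query string.
$rejectWith = function ($errid) use ($baseUrl, $postField) {
    header("Location: ".$baseUrl."/rilancio.php?errid=".$errid
        ."&id_oggetto=".urlencode($postField('id_oggetto'))
        ."&id_asta=".urlencode($postField('id_asta')));
};

$base = $postField('base');
$riserva = $postField('riserva');
$id_oggetto = $postField('id_oggetto');
$durata = $postField('durata');

// The checks run in the original order, so the first failing field decides the errid.
if (!$inRange($base, 0.01)) {
    $rejectWith(1);
    return;
}

if (!$inRange($riserva, 0.01)) {
    $rejectWith(2);
    return;
}

// NOTE(review): is_numeric() also accepts values such as "1.5", "-3" or "1e3"; if
// id_oggetto is an integer key, a digits-only check would be tighter — confirm.
if (!is_numeric($id_oggetto)) {
    $rejectWith(3);
    return;
}

// Accepted range is 3 to 60 inclusive; fractional values are still allowed, as before.
if (!$inRange($durata, 3, 60)) {
    $rejectWith(4);
    return;
}

// NOTE(review): $_SESSION['id'] is not passed to dbCreateAuction(), so this file does not
// show any check that id_oggetto belongs to the logged-in user; confirm that the check
// happens inside dbCreateAuction() and that its queries are parameterized.
$id_asta = dbCreateAuction($durata, $base, $riserva, $id_oggetto);

// NOTE(review): the result is not tested for failure before reporting ok=true; what
// dbCreateAuction() returns on error is not visible here.
$REDIRECT_STRING = "Location: ".$baseUrl."/rilancio.php?ok=true&id_asta=".urlencode((string) $id_asta);

header($REDIRECT_STRING);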
?>